9

My naive understanding of proof-of-work algorithms is that they are essentially a p=np type problem where it's easy to check a solution, but difficult to produce a solution.

I have recently read that some cryptocurrencies are based on algorithms that are designed to be resistant to ASIC mining - they're built to live on the GPU. This got me wondering if there is a proof-of-work algorithm that could be designed to run on CPU (and therefore GPU/ASIC usage would give poorer performance)?

My first instinct was no, but then I remembered that we don't use GPUs for the main operation of our computers and there is probably a reason. So is it possible to make CPU based proof-of-work algorithm that wouldn't translate to GPUs or ASICs?

Peter Mortensen
  • 155
  • 3
user6916458
  • 193
  • 2
  • 5

1 Answers1

11

CryptoNight, the pow function used by Monero is such a function. https://monerodocs.org/proof-of-work/cryptonight/ Basically it needs more random memory accesses, and GPU memory is not designed for that. So the bottleneck is not the computing power, but the access to the memory. The CPU needs fast and random access to the memory all the time to execute programs, so it is designed to be good at that. Additionally CryptoNight is designed to work great with the L3 cache size of most CPU for really fast access.

Edit: Monero uses RandomX now and not CryptoNight, as I was told in the comments. The principle of relying on random memory access stays the same. In addition the instructions used for calculation depend on the input, what is really bad for gpu, since the cores can only perform the same instructions (they don't have separate program counters)

jjj
  • 469
  • 3
  • 8